<?php include "../../layout/header.php"; ?>
<script type="text/javascript" src="<?php echo($siteroot);?>js/admin/finduser.js"></script>
<link rel="stylesheet" href="<?php echo($siteroot);?>css/admin.css" type="text/css" />
<?php include "../../layout/navleft.php"; ?>
<?php include "../../db/dbconnect.php"; ?>

<div id="content_small">
    <div class="container_brown">
    	<font face="Verdana" color = brown size = 2.5px> <a href="admin.php" >Admin</a></font>
        <font face="Verdana" color =brown size = 2.5px> > Find User</font><br><br>
        <?php if(isset($role) && $role == 'A'){?>
    	<div class="admin_div">
        Fill any of the fields below to search for users.
        <br><br>
        
        <form action="admin_find_user.php" method="post">
            <table id="user_search_table">
                <tr>
                    <td class="user_search_keyname">Usename: </td>
                    <td><input id="uname" type="taxt" name="uname" onKeyPress="checkParameter(event)" <?php if(isset($_POST['uname'])) echo 'value='.$_POST['uname'];?>></td>
                </tr>
                <tr>
                    <td class="user_search_keyname">First Name: </td>
                    <td><input id="fname" type="text" name="fname" onKeyPress="return checkParameter(event);" <?php if(isset($_POST['fname'])) echo 'value='.$_POST['fname'];?>></td>
                </tr>
                <tr>
                    <td class="user_search_keyname">Last Name: </td>
                    <td><input idi="lname" type="text" name="lname" onKeyPress="return checkParameter(event);" <?php if(isset($_POST['lname'])) echo 'value='.$_POST['lname'];?>></td>
                </tr>   
                    <td colspan="2" align="right">
                        <input type="submit" name ="submit_button" value="Search"/>
                    </td>
                </tr>
            </table>
        </form>

            <br><hr><br>

            <!--<form action="admin_monitor_user.php" method="post">-->
            	<div id="user_list_div">
                <table id="user_list_table" border="1" cellspacing=1 cellpadding=8>
                    <?php
                    $query = "SELECT * FROM User";
                    if(isset($_POST['submit_button']) && $_POST['submit_button'] == "Search") {
                        $query .= " WHERE ";
                        $flag = 0;
                        if (!empty($_POST['uname'])) {
                            $query .= "username LIKE '%".$_POST['uname']."%'";
                            $flag = 1;
                        }
                        if (!empty($_POST['fname'])) {
                        	if($flag > 0) $query .= " ";
                            $query .= "first_name LIKE '%".$_POST['fname']."%'";
                        }
                        if (!empty($_POST['lname'])) {
                        	if($flag > 0) $query .= " ";
                            $query .= "last_name LIKE '%".$_POST['lname']."%'";
                        }
                        $rs = mysql_query($query);
                        if($rs) $dbrow = mysql_num_rows($rs); // test
                        else $dbrow = 0;
                        ?>
                        <thead><tr>
                    		<th width="20%">Username</th>
                    		<th width="30%">email</th>
                        	<th width="15%">Gold</th>
                        	<th width="15%">isBanned</th>
                        	<th width="10%">Edit?</th>
                        </tr></thead>
                        <?php
                        if($dbrow > 0){
	                        while ($row = mysql_fetch_array($rs)) {
	                    ?>
	                    <form action="admin_monitor_user.php" method="post">
	                    <tr>
	                        <td><?php echo($row['username']);?></td>
	                        <td><?php echo($row['email']);?></td>
	                        <td><?php echo($row['gold']);?></td>
	                        <td>
	                        <?php 
	                            if($row['isBanned']) echo "Yes";
	                            else echo "No";?>
	                        </td>
	                        <td><input type="hidden" value="<?php echo($row['uid']);?>" name="uid"/>
	                        <input type="submit" name="submit_button" value="Edit"/></td>
	                    </tr>
	                    </form>
	                    <?php
	                        }
                        }
                        echo "</table>";
                    }

                    ?>
                </table>
			</div>
        </div>
        <?php }else{?>
			<br><br>
			<p class="admin_head">This page is for administrator only.</p>
			<br><br>
		<?php
		}?>
    </div>
</div>

<?php include "../../layout/navright.php"; ?>
<?php include "../../layout/footer.php"; ?>